CLAIMS 



1 . A method for limiting access to electronic documents, said method 
comprising: 

5 creating a process-driven security policy having a plurality of states, with each 

of the states having a different set of access restrictions; 

associating an identifier to the process-driven security policy; and 

making the identifier available to certain of users or groups of users. 

10 2. A method as recited in claim 1 , wherein the identifier is a classifier. 

3. A method as recited in claim 1 , wherein the process-driven security policy is 
provided or part of a document security system. 

15 4. A method as recited in claim 1 , wherein said method further comprises: 
creating an electronic document; and 
assigning the identifier to the created electronic document. 

5. A method as recited in claim 1 , 

20 wherein the process-driven security policy is provided or part of a document 

security system, and 

wherein said method further comprises: 

creating a plurality of electronic documents; and 

assigning the identifier to each of the created electronic documents. 

25 

6. A method for imposing access restrictions on electronic documents, said 
method comprising: 

Att. Dkt No.: SSL1 P020/SS-40 -25- 



providing at least one process-driven security policy from a server machine to 
a client machine, the process-driven security policy having a plurality of states 
associated therewith; and 

associating the electronic document with at least one of the states of the 
5 process-driven security policy to impose access restrictions on an electronic 

document, the access restrictions being dependent on the at least one of the states 
of the process-driven security policy. 

7. A method as recited in claim 6, wherein said method further comprises: 

10 subsequently changing the state of the process-driven security policy for the 

electronic document. 

8. A method as recited in claim 7, wherein said changing is initiated by a user. 

15 9. A method as recited in claim 7, wherein said changing is automatically 
performed based on events that occur at or are received at the client machine. 

10. A method as recited in claim 6, wherein the electronic document includes 
security information, and the security information includes at least an indication of 

20 the state of the process-driven security policy for the electronic document. 

11. A method as recited in claim 6, wherein said method is performed on a 
document-by-document basis. 

25 12. A method as recited in claim 6, wherein at the client machine, each of a 
plurality of electronic documents are in one of the states of the process-driven 
security policy. 
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13. A computer readable medium including at least computer program code for 
imposing access restrictions on electronic documents, said computer readable 
medium comprising: 

computer program code for providing at least one process-driven security 
5 policy from a server machine to a client machine, the process-driven security policy 
having a plurality of states associated therewith; and 

computer program code for associating the electronic document with at least 
one of the states of the process-driven security policy to impose access restrictions 
on an electronic document, the access restrictions being dependent on the at least 
10 one of the states of the process-driven security policy. 

14. A computer readable medium as recited in claim 13, wherein said computer 
readable medium further comprises: 

computer program code for changing the state of the process-driven security 
15 policy for the electronic document. 

15. A computer readable medium as recited in claim 14, wherein said computer 
program code for changing is initiated by a user. 

20 16. A computer readable medium as recited in claim 14, wherein said computer 
program code for changing is automatically performed based on events that occur at 
or are received at the client machine. 

17. A computer readable medium as recited in claim 13, wherein the electronic 

25 document includes security information, and the security information includes at least 
an indication of the state of the process-driven security policy for the electronic 
document. 

18. A computer readable medium as recited in claim 13, wherein the process- 
30 driven security policy is imposed on a document-by-document basis. 
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19. A computer readable medium as recited in claim 13, wherein at the client 
machine, each of a plurality of electronic documents are in one of the states of the 
process-driven security policy. 
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